éåžžã«éåžžå€ã®ç®¡çè ã«ãããåçšã®åäžãµãŒã㌠Web ãããžã§ã¯ãã®ã³ã³ãããŒã« ããã«ã®ãããªãã®ã®å¿ èŠæ§ãŸãã¯äžå¿ èŠæ§ã«ã€ããŠãããã€ãã®ææ³ãå ±æããããšæããŸãã äºã®å§ãŸãã¯æ°å¹Žåãå人ã®å人ãç§ã«ããã¥ãŒã¹ãµã€ããšããäŒæ¥ã®è²·åãæè¡çãªèŠ³ç¹ããæäŒã£ãŠã»ãããšé Œãã ããšã«ãããŸãã äœãäœã«åãçµãã§ããã®ããå°ãæãäžããŠãå¿ èŠãªãã¹ãŠã®è©³çŽ°ãé©åãªåœ¢åŒãšéã§è»¢éãããŠããããšã確èªããäœãæ¹åã§ããããæŠç¥çã«ææ¡ããå¿ èŠããããŸããã
ååŒã¯å®äºãããŽã¡ã€ãªãªãã¹ãã¯ããå¿
èŠãªããªã£ãã çµããã ããŸãã
ãã®ãµã€ãã¯ãLinode äžã®ãã¥ã¢ã«ã³ã¢ 4 GB VM äžã§ã皌åæé 5 æ¥ã®èããã Debian400 äžã§å®è¡ãããæªæŽæ°ã®ããã±ãŒãžã®ãªã¹ããå«ãŸããŠããŸããã èªäœã® CMSãnginxãphp5.3 FPMãmysql ã§èª¿æŽããã Percona äžã® Web ããŒãã ååçã«ã¯ããŸããããŸããã
ç§ãšã®äŒè©±ãšäžŠè¡ããŠãæ°ãããªãŒããŒã¯ãããžã§ã¯ããæåŸ éãã«é²ããããã°ã©ããŒãæ¢ããŠããŸããã èŠã€ãã£ãã ããã°ã©ããŒã¯ãã©ãã£ãã¯ãšããªã¥ãŒã ãè©äŸ¡ããæé©åãšã³ã¹ã管çã®æ¹æ³ãç¥ã£ãŠãããšå€æããŸããã 圌ã¯ãµã€ãå šäœãããã€ãã® IS****er ã管çãã 700 ã«ãŒãã«ã®å ±æãã¹ãã£ã³ã°ã«ç§»è¡ããŸããã æ°æ¥åŸããªãŒããŒãããŸãé»è©±ããããŸããããäœããããé ããŠãæ éããããã§ããã ããã«ã§ç¶æ³ãä¿®æ£ããããšããŸããããPHP ã®ããŒãžã§ã³ãŸãã¯ãã³ãã©ãŒã fcgi ãã fpm ã«å€æŽããããšããŠãã°ããç¡é§ãªè©Šã¿ãç¶ããåŸãè«ŠããŠã·ã§ã«ã«å ¥ããŸããã ããã§ç§ã¯ããã®æãŸã§ã«ãã«ãŠã§ã¢ãåæ§ã®ãã³ã»ã³ã¹ã§ã¯ã©ãã¯ãããŠããããã€ãã®ãã©ã«ããŒã®çèã777 ã®ãã¹ã¯ãŒãã䜿çšããŠã€ã³ã¿ãŒãããå šäœã§èŒããŠããæå¹ãªãããã°ãèŠã€ããŸããã ãªãŒããŒã¯ããã¹ãã£ã³ã°ãããã°ã©ããŒãç¶æ³ãç£èŠã§ãã管çè ãç¯çŽããã®ã¯ééãã§ãããšèªèããå€æããŸããã
RuVDSã«è¡ããŸãã è±åœã® Linode ãããå°ãè¿ããå人ããŒã¿ãªã©ãçªç¶ä¿åããããªã£ãå Žåã§ããä»ã®å Žæã«ç§»åããå¿ èŠã¯ãããŸããã ãããžã§ã¯ãã¯æ¡åŒµããäºå®ã ã£ãã®ã§ãæ¡åŒµçšã« 4 ã³ã¢ã8 GB ã®ã¡ã¢ãªã80 GB ã®ãã£ã¹ã¯ã® VM ãæ¡çšããŸããã nginx æ§æãæåã§æ§æããæ¹æ³ãããããªããšããããã§ã¯ãããŸããããã®ãããžã§ã¯ãã«ããã»ã©èŠªå¯ã«åãçµãç±æããªãã£ãã ãã§ã (ããŒãã¿ã€ã ã«ã€ããŠã¯äžèšãåç §)ã ãã®ãããç§ã¯ Plesk ãã€ã³ã¹ããŒã«ããŸãã (ããã§ã¯ã€ã³ã¹ããŒã«ã®è©³çŽ°ã¯çç¥ããŸããã€ã³ã¹ããŒã«ã®è©³çŽ°ã¯ã»ãšãã©äœããªãããã§ããã€ã³ã¹ããŒã©ãŒãèµ·åãã管çè ã®ãã¹ã¯ãŒããèšå®ããããŒãå ¥åããŸãããããã§ãã¹ãŠã§ã)ããã®æç¹ã§ã¯ Plesk 㯠17.0 ã§ããã åºæ¬èšå®ã¯ãã®ãŸãŸäœ¿çšããŠãåé¡ãªãåäœããfail2ban ãšå©çšå¯èœãªææ°ããŒãžã§ã³ã® PHP ãš nginx ããããŸãã
ãããããç«ã¡æ¢ãŸã£ãŠãã®çç±ã説æãã䟡å€ãããã§ãããã ç§ã¯ãã®ãããªããšã¯ãã£ãã«è¡ãããåã±ãŒã¹ã«å¯Ÿå¿ããããã®ç¹å¥ãªããŒã«ãæºåã»ãããæã£ãŠããªãã®ã§ã第äžã«ãè¿ éã«ã第äºã«ãå®å šã«ããããŠç¬¬äžã«ãåºæ¬çãªããšãäœããã®åœ¢ã§èªååããå¿ èŠãããããšã¯æããã§ããã ããã¹ãŠèª°ãããã§ã«å®è£ ããŠãããã¹ããã©ã¯ãã£ã¹ã§ãã
ãšããããšã§ãã€ã³ã¹ããŒã«ããŠã¿ãŸããã æ°ãããµãŒããŒã§ã®ãµã€ãã®åèµ·åã¯ã»ãŒç¬æã«å®äºãããããæéãå€§å¹ ã«ç¯çŽã§ããŸããã æ®ã£ãŠããã®ã¯ãããã¹ã«èšå®ãç·šéããŠãã¡ã¢ãªã®ååãäžããŠãããã¡ ããŒã«ã®æ°ãå¢ãããnginx ã«ã³ã¢ã®ååãäžãïŒPlesk ã¯ã°ããŒãã«èšå®ã«ã¯è§ŠããŸããïŒãæ°æ¥éã·ã§ã«ã«å ¥ã£ãŠç¢ºèªããã ãã§ããã mysqltuner çµ±èšã§ã ã¯ãã溢ãããã£ããã«ãŠã§ã¢ãåãé€ãããã«ãæ¡åŒµæ©èœã«ã¿ãã°ããææã® ImunifyAV ãè³Œå ¥ããŸããã çŽ11000ã®ææãã¡ã€ã«ãçºèŠãããã å¿ãŸãããããšã«ãé£èªåãããã³ãŒãã®æçãéçãã¡ã€ã«ã«æµã蟌ãŸããŠãããæåã§ã¯ãªãŒãã³ã°ããã®ã¯ãŸã£ããéå±ã ã£ãã§ãããã æåã« ClamAV ãè©ŠããŠã¿ãŸããããçµå±ã®ãšããããã®ãããªããšã¯å¿ èŠãããŸããããImunifyAV ã§ã¯å¯èœã§ããã ããã«ãé§é€ããããã¡ã€ã«ã¯åäœç¶æ ãç¶æãããã«ãŠã§ã¢ãå«ãŸããéšåã¯åé€ãããã ãã§ãã
èšç®ã¯ç°¡åã§ããVMka ãæé¡ 50 ãã«ãPlesk ã 10 ãã« (3 ãæã®å²åŒã§ XNUMX 幎åãäžåºŠã«è³Œå ¥ãããããå®éã«ã¯ããããå°ãªããªããŸã)ããŠã€ã«ã¹å¯Ÿçã XNUMX ãã«ã§ãã ãããã¯ãæåã¯ãããã®å©èãæåã§ããéããããã«ãµãŒããŒã«è²»ãããã§ãããç§ã®æéã«å€é¡ã®ãéãè²»ãããŸããã ãªãŒããŒæ§ããã®åã決ãã«å€§å€ãæºè¶³ãããŸããã
ãã®éã«ã圌ãã¯æ°ããããã°ã©ããŒãèŠã€ããŸããã ç§ãã¡ã¯è²¬ä»»åæ
ã«ã€ããŠåœŒãšåæãããã¹ãççšã®ãµããã¡ã€ã³ãäœæããäœæ¥ãéå§ããŸããã 圌㯠Laravel ã§ãµã€ãã®æ°ããããŒãžã§ã³ãäœæããŠããŠãç§ã¯fail2ban%) ã調ã¹ãŠããŸããã
èå³æ·±ãããšã«ã奜å¥å¿ãããã人ã
ã®æµãã¯æ¢ãŸãããçŠæ¢ãããã¢ãã¬ã¹ã®ãªã¹ãã«ã¯åžžã«çŽ 20000 ã®ã¢ãã¬ã¹ãèŒã£ãŠããŸãã ãã®å¹æã¯èå³æ·±ããã®ã§ããç¹ã«ãéåžžãã·ã§ã«ã«ãã°ã€ã³ãããšãæšæ¶æã« SSH çµç±ã§ãã°ã€ã³ããããšãããšçŽ 30000 ïœ 2 åã®å€±æãèŠãããŸãã ãã§ã€ã« 70 ãã³ãæå¹ã«ãããšãçŽ 0ãæè³ãããåŽå: 2ãæ®å¿µãªãããè»èãäžæ»Žåãããªãã£ãããã§ã¯ãããŸããã ããã©ã«ãã§ã¯ãWAF (modsecurity) ã¯æ€åºã¢ãŒãã§ååæå¹ã«ãªã£ãŠããŸããã ã€ãŸãã圌ã¯çãããã¢ã¯ãã£ããã£ããã°ã«æžã蟌ã¿ãŸããããå®éã«ã¯äœãã¢ã¯ã·ã§ã³ãèµ·ãããŸããã§ããã ãããŠãfailXNUMXban ã¯æå¹ãªååæã«åŸã£ãŠãã¹ãŠã®ãã°ãç¡å·®å¥ã«èªã¿åãã移åãããã®ããã¹ãŠæ®ºããŸãã ãããã£ãŠãç·šéè
ã®ååãçŠæ¢ããŸãã:Dã ãã®ååæãç¡å¹ã«ããä¿¡é Œæ§ã確ä¿ããããã«å¿
èŠãª IP ã¢ãã¬ã¹ããã¯ã€ããªã¹ãã«ç»é²ããå¿
èŠããããŸããã ããŠã¹ã XNUMX åæŒããŠãIP ã¢ãã¬ã¹ãæããããã«ç·šéè
ã«æããããã®åªåãè²»ããããŸãã
ããã°ã©ããŒãããã«æ°ã«å
¥ã£ãã®ã¯ãããŒã¿ããŒã¹ãããã«ã«çŽæ¥ã¢ããããŒãã§ããããšãšãphpMyAdmin ã«çŽ æ©ãã¢ã¯ã»ã¹ã§ããããšã§ãã
ç§ãæ°ã«å
¥ã£ãã®ã¯ãã°ãšããã¯ã¢ããã§ãã ãã°ã¯ããã«æžã蟌ãŸããããŒããŒã·ã§ã³ãããŸãã ããã¯ã¢ããã®èšå®ã¯éåžžã«ç°¡åã§ãã æãé
ãå Žåã¯ãçŽ 10 ã®ã¬ã®å®å
šããã¯ã¢ãããäœæããããã®åŸãæ¯æ¥ããããã 200 ã¡ã¬ãã€ãã®å¢åããã¯ã¢ããã 3 é±éäœæãããŸãã ãªã«ããªã¯ç¹å®ã®ãã¡ã€ã«ãŸãã¯ããŒã¿ããŒã¹ã«è³ããŸã§çŽ°ããè¡ãããŸãã å¢å埩å
ãã埩å
ããå¿
èŠãããå Žåãæåã«ãã§ãŒã³å
šäœãå®å
šã«åŸ©å
ããå¿
èŠã¯ãªããPlesk ããã¹ãŠãèªåçã«å®è¡ããŸãã ããã¯ã¢ããã¯ãFTPãDropboxãSXNUMX ãã±ãããGoogle ãã©ã€ããªã©ãã©ãã«ã§ãã¢ããããŒãã§ããŸãã
F æ¥ç®: ããã°ã©ããŒãã€ãã«æ°ãããšã³ãžã³ãå®æãããç§ãã¡ã¯ããããããã¯ã·ã§ã³ã«ã¢ããããŒãããå€ãããŒã¿ãã€ã³ããŒãããŠãå°æ¥ã®ãã»ã©ãã£ã®è²ãéžæããããšã«ããŸããã ç§ãã¡ã¯ãŸã 座ã£ãŠéžæããŠããŸãã
æåã®åé¡ãå§ãŸããŸããã æ°ãããµã€ãã¯å€ããµã€ããããéããšäºæ³ãããŠããŸããããæ¬åœã®é
åã¯ãã©ãã£ãã¯ãéããããã«ãç¹ã«å€§éã®èšªåè
ãåŒã³èŸŒã Yandex.Zen ã䜿çšããããšã§ããã ãµã€ã㯠150 ã®åææ¥ç¶ã§ã¯ã©ãã·ã¥ããŸãã (RPS ã«ã€ããŠã¯è©±ããŠããŸããã枬å®ããŠããªãããã§ã)ã php_fpm èšå®é åã§ãã¿ã³ãæŒããããããåãå§ããŸããã
ãªããšã圌ã¯ãã§ã« 500 ã®æ¥ç¶ãæã£ãŠããŸãã ããã¢ãŒã·ã§ã³æ段ã«ã¯ã¬ãžããã«ãŒããå ããã«ã€ãããã©ãã£ãã¯ã®æ³¢ã¯ããã«å€§ãããªã£ãã 次ã®ãã€ã«ã¹ããŒã³ã¯ãåææ¥ç¶æ° 1000 ã§ãã ããã§ã¯ã³ãŒããåä»äžãããçèã®æ¬è³ªã調ã¹ãå¿
èŠããããŸããã æ°Žãã¶ãã¯åœ¹ã«ç«ã¡ãŸããã§ããããå®éã«ã¯æåŸ
ããŠããŸããã§ããã mysqltuner ã®ã¢ããã€ã¹ã«åŸã£ãŠãã¹ã㌠ã¯ãšãª ãã°ãæå¹ã«ããããŒã¿ããŒã¹ã«ã€ã³ããã¯ã¹ãè¿œå ããã³ãŒãããäžèŠãªã¯ãšãªãåé€ããå床 mysql èšå®ãã¯ãªãŒã³ã¢ããããŸããã
æ°ããªææŠ - 2000 æ¥ç¶ã Plesk 17.8 ã®ããŒãžã§ã³ããªãªãŒã¹ãããŸããããã®ããŒãžã§ã³ã«ã¯ããšããã nginx ãã£ãã·ã¥ãè¿œå ãããŸããã æŽæ°ãããŸããïŒé©ãã»ã©ç°¡åã§ãïŒã ãã£ãŠã¿ããã å¹ãïŒ ãããŠåœŒãã¯ãœãããµã€ãã«èžã¿åºããYandex.Zenãã£ãŒããæ©èœããªããªããŸããã ãµã€ãã¯æ©èœããŠããŸããããã£ãŒãã¯æ©èœããŠããŸããã ãã£ãŒããæ©èœããªãããããã©ãã£ãã¯ããããŸããã é°å²æ°ãçãäžãã£ãŠããŠããŸãã ç¶æ³ããã®ãã¬ãã·ã£ãŒãšæ³ååã®æ¬ åŠãããç§ã¯ããã« strace ãš nginx ã«ã¢ã¯ã»ã¹ããæ¢ããŠãããã®ãèŠã€ããŸããã ããæç¹ã§ãæããªnginxãYandex get feed.xmlãžã®å¿çãšããŠéè¯ã®500çªç®ã®ãšã©ãŒããã£ãã·ã¥ããããšãå€æããŸããã ãã£ãã·ã¥èšå®ã«äŸå€ãè¿œå ããããšã§ä¿®æ£ããŸããã
ãªãŒããŒããã£ãšå¿
èŠãšããŠããã®ã¯æããã§ãæ³¢ã¯ãã£ãããšé«ãŸã£ãŠããŸãã ä»ã®ãšããã¯å¯ŸåŠããŠããŸãããäºåã« memcached ã®å®éšãéå§ããŸããã幞ããªããšã«ãLaravel ã¯ã»ãŒãã®ãŸãŸã®ç¶æ
㧠memcached ããµããŒãããŠããŸãã ãéãã§ã¿ããããã ãã« memcached ãæåã§ã€ã³ã¹ããŒã«ããããªãã£ãã®ã§ãdocker ã€ã¡ãŒãžãã€ã³ã¹ããŒã«ããŸããã ããã«ããçŽæ¥ã
ããŒããåã§ããã·ã§ã«ã«ç§»åã㊠pecl çµç±ã§ã¢ãžã¥ãŒã«ãã€ã³ã¹ããŒã«ããå¿
èŠããããŸããã å³ã«
次ã«ãã¡ãŒãªã³ã°ãªã¹ããæ·»ä»ããå¿ èŠããããŸããã ãªã¬ãŒã¯ãªããSMTP èªèšŒã®ã¿ã§ãã ã¡ãŒã«ã¢ãã¬ã¹ãèšå®ãããã®è©³çŽ°ã䜿çšã㊠PHP çµç±ã§ãã¥ãŒã¹ã¬ã¿ãŒãéä¿¡ããŸãã
Plesk Obsidian (18.0) ããªãªãŒã¹ãããå°ãåã«ãç§ãã¡ã¯éå»ã®çµéšã«åºã¥ããŠæããããšãªãæŽæ°ããŸããã ãã¹ãŠãéåžžã«ã¹ã ãŒãºã«é²ã¿ã話ãããšã¯äœããããŸããã§ããã å¬ããã®ã¯ãã€ã³ã¿ãŒãã§ã€ã¹ã®å質ã倧å¹
ã«åäžããããçŸä»£çã«ãªããããã€ãã®å Žæã§ãã䟿å©ã«ãªã£ãããšã§ãã Grafana ã®é«åºŠãªã¢ãã¿ãªã³ã°æ©èœã¯çŽ æŽããããã®ã§ãã
ãŸã 詳ããã¯æ±ã£ãŠããŸããããããšãã°ãã¡ãŒã«å
ã®ä»»æã®ãã©ã¡ãŒã¿ã«å¯ŸããŠã¢ã©ãŒããèšå®ã§ããŸãã ãªãŒããŒãããžïŒç¬ïŒã
ã€ã³ã¿ãŒãã§ã€ã¹ã«ã€ããŠè©±ããŠããŸãããå¿çæ§ãé«ããé»è©±ã§ãéåžžã«ããŸãæ©èœããŸãã åæ段éã§ã¯ãPHP ãªã©ã®æé©ãªèšå®ãèŠã€ããããšããŠããã®ã§ãããããã¯éåžžã«åœ¹ã«ç«ã¡ãŸããã ç¹ã«ãããã°ã©ããŒãä»äºã«ç±äžããŠ23æã«äœããããŠãããšããç§ã¯ä»äºã«ç±äžããŠé湯ã§ãŠã©ãã«ã飲ãã§ããŠãç·æ¥ã«äœããåãæ¿ããå¿ èŠããããšãã§ãã
ãã£ãããããã°ã åçã¯PHP Composerãç»å Žãããšããã§ãã ç§ãã¡ã¯ãŸã ãããè©ŠããŠããŸããããããšãã°ãLaravel ã®å Žåãã·ã§ã«ãžã®ãã°ã€ã³ãæ°åç¯çŽããäŸåé¢ä¿ã®ã€ã³ã¹ããŒã«ã«ãããæéãç¯çŽã§ããŸãã Node.JS ãš Ruby ã«ãåãã·ã¹ãã ãååšããŸãã
SSL ã䜿çšãããšããã¹ãŠãç°¡åã«ãªããŸãã ãã¡ã€ã³ãæåŸ ã©ããã«è§£æ±ºããããšãLet's Encrypt ã¯ã¯ã³ã¯ãªãã¯ã§å®äºãããã¡ã€ã³èªäœããµããã¡ã€ã³ãããã«ã¯ã¡ãŒã« ãµãŒãã¹ã®äž¡æ¹ã«å¯ŸããŠæŽæ°ãããŸãã
ãœãããŠã§ã¢ãšããŠã® Plesk èªäœã¯ãçŸæç¹ã§ã¯éåžžã«å¿«é©ã§å®å®ããŠããŸãã ããèªäœãš Axis ã¯éãã«æŽæ°ããããªãœãŒã¹ã®æ¶è²»ãã»ãšãã©ãªããã¹ã ãŒãºã«åäœããŸãã ã©ããã§äœããèžãã èšæ¶ãããããŸããããããã¯è£œåã®æãããªæ¬ é¥ã§ãããã ãã¡ããåé¡ã¯ãããŸããããæ§æãäžå®å
šã ã£ãããæ¥ç¶éšåã®ã©ãããåå ã ã£ãã®ã§ãæå¥ãèšãå¿
èŠã¯ãããŸããã Plesk ã䜿ã£ãäœæ¥ã®å°è±¡ã¯ãæŠããŠæ¥œãããã®ã§ãã ããã«ã¯ã¯ã©ã¹ã¿ãªã³ã°ãå«ãŸããŠãããããããç解ããå¿
èŠããããŸãã LBã§ãHAã§ããªãã ãã£ãŠã¿ãããšã¯ã§ããŸãããåŽåãéåžžã«ããããããæåããäœãå¥ã®ããšãè¡ãæ¹ãè¯ãã§ãããã
èŠçŽã§ãããšæããŸãã 管çè ãããªãå ŽåããŸãã¯ååãªç®¡çè ãããªãå Žåããã¹ãã£ã³ã°ãšãã®äžã§å転ãããµã€ãã®äŸ¡æ Œããããšãã° 100 ç±³ãã«ãè¶ ããå Žåã1500 ãã«ã®ç£ã®å ±æã«ã€ããŠè©±ããŠããããã§ã¯ãããŸãããææ決å®è ãããŒãã¿ã€ã ã®ç®¡çè ãéããããœãããŠã§ã¢ãè³Œå ¥ã㊠10 ãã«ã§ç®¡çè ãéããããŸã£ãã管çè ãéããªããã®éžæè¢ãããå Žåãããã¯ééããªãçã«ããªã£ãŠããŸãã ãªã¢ãŒã管çè ã®èŠ³ç¹ããèŠãŠããåãããšã§ãã æé¡ XNUMX ãã«ã§æéãç¯çŽããé·æéã®äœæ¥ã«æè»æ§ããããããŸããПãã倧ããªéã ããšãã°ãåæ§ã®ãããžã§ã¯ããç§ã®æ åœãšããŠåŒãåãããã匷ãæ±ããããå Žåãç§ã¯ããã Plesk ã«ç§»ç®¡ããããšã䞻匵ããŸãã
åºæïŒ habr.com